In July 2023, the Association of Southeast Asian Nations officially opened a joint cyber security information sharing and research centre, or Cybersecurity and Information Centre of Excellence, in a bid to increase the region’s shared cyber threat defences.
The centre is a response to a changing threat landscape. At the opening of the ACICE, Singapore’s Ministry of Defence said Singapore alone experienced a 174% increase in phishing attempts between 2021 and 2022, while Southeast Asia cyber crime had increased 82%.
Recorded Future Chief Information Security Officer Jason Steer told TechRepublic some customers in the region felt digitisation was turning data from gold into uranium due to cyber risk. He named digital supply chains and AI as key risk considerations for ASEAN CISOs.
Digitisation trend in ASEAN causes rising risk consciousness
The ASEAN region, like other emerging markets, is experiencing a rapid acceleration in digitisation. With the growth of cloud providers like Microsoft and AWS, businesses and governments are using these services to make operations more scalable, whether that is to digitise processes like invoicing and payroll or to better manage remote work growth.
This digitisation trend comes with risk. At threat intelligence firm Recorded Future’s local conference in the region, Steer said CISOs in ASEAN were more conscious than ever now that, although they want lots of data about clients because of the value it can drive for their businesses, there is a rising consciousness that the appetite for data also brings risks.
SEE: Australia’s cyber shields strategy needs data science considerations.
“One of our guest CISOs made the point that, historically, data has been viewed as gold,” Street said. “But, when looking at what organisations have experienced over the last 12 to 18 months, data is now viewed more like uranium: The more data you have, the more risk, and the more you have to do to protect and secure it. How do you manage that risk appropriately now?”
ASEAN nations feeling the heat of more cyber criminal activity
ASEAN CISOs are right to be worried. The Asia-Pacific region as a whole was the most attacked region in the world in 2022, according to a report from IBM (Figure A).
Further, a July 2023 survey by Cloudflare of 4,000 cyber security managers in the region found that 78% of those interviewed had experienced at least one cyber security incident in the previous 12 months. Of those attacked, 80% reported four or more incidents, and 50% had experienced 10 or more.
ASEAN nations are keenly feeling this increase in activity. Cloudflare’s report found that, in Malaysia, Indonesia and The Philippines, the largest challenge for cyber security leaders was defending against cyber attacks in the form of phishing, web attacks and business email compromise (Figure B). For CISOs in Singapore and Thailand, this risk was topped by the need to secure their remote workforces, an increasing need in a cloud-driven working environment.
Supply chain risks a key factor in a connected digital world
The risks of digitisation are amplified by organisations who now rely on their digital supply chain. For example, 48% of Singapore-based respondents to Cloudflare’s survey who were rating the top issues with their cyber security architecture named limited oversight over their IT supply chain as an issue, just behind their applications and data being stored on the public cloud (50%).
Steer said that all organisations in ASEAN, and for that matter around the world, were buying digital solutions from product vendors but were not necessarily tracking the cyber security postures of this extended ecosystem. If one of those critical tools in the supply chain is down, the impact will be felt on the business because a cog in the business process has gone down.
“At Recorded Future, if AWS goes down for 20 minutes, that would be the whole platform down until we transition to the next region,” Steer said. “You can mitigate some of these supply chain issues to some extent, but it is important for organisations to ask what their plan is to recover and restore operations and how long they can be down until it impacts their ability to service clients.
“The supply chain in large organisations is getting longer and bigger; it is not just third parties, but their suppliers. This is a hard thing to think about, particularly when you don’t sign contracts with a supplier’s suppliers. While there may be little you can do, you need to at least start to think about what that looks like and how to manage risks better.”
Geopolitical conflicts another risk to digital supply chains
The impact of conflict or geopolitical tension is of concern in ASEAN, as it is a region that relies on trade. Steer said tensions such as those between China and The Philippines in the South China Sea, an important shipping lane, was on the minds of CISOs in organisations. This conflict has the potential to impact digital supply chains as well as increase uncertainty around cyber threats facing organisations, governments or infrastructure.
Artificial intelligence could also impact organisations and CISOs
ASEAN CISOs are considering the positive and negative impacts that the explosion in artificial intelligence tools may have on cyber defences and attack trends in the region. One of the key discussions, according to Steer, is the governance of organisational data.
PREMIUM: Stay compliant with this data governance checklist.
CISOs are walking the line between outright banning AI tools like ChatGPT to ensure organisational data is protected from leaks or going all in on AI to realise the potential business advantages.
AI could have an impact on regional elections in ASEAN
Steer said a discussion point around AI in the region was election manipulation, particularly from state actors. With a variety of precedents around the world from previous recent elections, he said threat actors, empowered by the ease of creating content using AI tools, now had the ability to create more convincing fake disinformation campaigns. This could impact the likes of Indonesia’s election coming up in February 2024, which would influence business and politics.
AI could help to secure data in the region more effectively
The opportunity to fight fraud and improve security could improve with AI. Steer said users authenticating to a banking application would normally use their username, password and strong multi-factor authentication. In a world of AI, more data could add layers of security to accounts, such as where log-ins occur, what time log-ins typically happen and the IP address they usually come from.
“With a lot more data points, there is not only the chance to create a better user experience, but better prevent fraud and account takeover as well,” Steer said.
ASEAN nations setting sights on cyber security together
The launch of the ACICE showed ASEAN nations are continuing to work more closely together on cyber security. The region has also developed a joint cyber security strategy and data protection framework and is working on creating a unified ASEAN security emergency response team. Skilling up ASEAN workforces is on the agenda; Malaysia has committed to training and certifying 20,000 cyber security professionals by 2025 as part of its cyber security strategy.
Steer said Singapore and Malaysia stand out in the region for advanced cyber security practices. The large number of global companies using it as a base has boosted the local talent pool and infrastructure. Other nations, like The Philippines, are raising the bar as well as regional cyber security standards rise, in part because of the supply chain governance and risk frameworks they are being compelled to follow to keep up with competitors in the region.